What steps will reproduce the problem?
1-MD5 and SHA-1 are popular cryptographic hash algorithms often used to verify
the integrity of messages and other data.
Recent advances in cryptanalysis have discovered weaknesses in both algorithms.
Consequently, MD5 and SHA-1 should no longer be relied upon to verify the
authenticity of data in security-critical contexts.
What is the expected output? What do you see instead?
Recommendations:
Discontinue the use of MD5 and SHA-1 for data-verification in security-critical
contexts. Currently, SHA-224, SHA-256, SHA-384 and SHA-512 are good
alternatives.
Additional information.
Php Version:
Lines Affected on outh.php :
132
207
227
492
Many Thanks
Ivan Sanchez / www.evilcode.com.ar
Original issue reported on code.google.com by infonull...@gmail.com on 20 Oct 2011 at 12:38
Original issue reported on code.google.com by
infonull...@gmail.comon 20 Oct 2011 at 12:38